14 posts
Posted 10 November 2012 - 07:06 AM
I'm currently working on a system using Computercraft, Railcraft, Redpower and IC2 to sell tickets(with trade-o-mats from IC2) I decided the tickets should be floppy disks. Although, I've found a problem, if I use floppy disks there is a chance people can make their own tickets to ride my rail road. Currently I've just been testing using label names. Would just making a big scrambled file work?
TL;DR
Is there a way to make unreplicable floppy disks?
214 posts
Posted 10 November 2012 - 07:19 AM
Not that i know of. but if your advanced in CC you may be able to do this. have a computer that puts a floppy disk in using pipes. then the computer writes a random generated pass code onto the disk. then once thats done, to ride on your rail road i assume you put the disk in a drive? if you do you could have it so once that key has been used it cannot be used again. that would be one way of doing it but not sure how you can do it :unsure:/>/>
60 posts
Location
UK
Posted 10 November 2012 - 07:20 AM
As far as I know, its impossible to avoid someone copying an entire disk's contents and label onto another disk. You may want to think about getting an addon peripheral (Assuming someone else can't get you a better answer)
14 posts
Posted 10 November 2012 - 07:31 AM
I might try with the random phrase written to a file Ahh this is going to be a lot of work
715 posts
Posted 10 November 2012 - 07:37 AM
One idea would be the following:
1. Ask the user who wants to buy a ticket to choose a password.
2. Create a sufficiently long & random string.
3. Encrypt that string with the user's chosen password.
4. Write this string to a disk.
So whenever such a disk is then inserted inte the ticket validation computer, this would happen:
1. Ask user to enter a password.
2. Read encrypted string from disk.
3. Try to decrypt the string with the password provided by the user (either blindly, or with a check for success; depends on the encryption algorithm chosen)
4. Compare the decrypted string with the list of valid-and-unused strings.
5. Depending on the outcome of 4: Access Denied or Access Granted
In short:
Encrypt a random string with a user chosen password.
That way even if someone copies the disk he still needs the password.
Optionally make sure to keep track of already used random strings.
EDIT:
Of course this is only as secure as the encryption algorithm chosen.
If you're hacking together your own, then that's probably at most security through obscurity. :unsure:/>/>
Also implementation is very important. Even the most secure encryption algorithm will fail if you don't secure the computer that creates valid disks (or the ticket validation computer).^^
Edited on 10 November 2012 - 06:40 AM
14 posts
Posted 10 November 2012 - 07:42 AM
Great Idea. I'll have to make an extra terminal for the encryption but it's doable. Although still someone could take any ol' floppy and throw it in the encryption computer.
There doesn't seem to be an easy way to check the validity of an item sold form a trade-o-mat
715 posts
Posted 10 November 2012 - 07:48 AM
Well, there are some ways how you can limit who can create tickets.
Securing the computer with a login that can't be terminated and automatically starts up on boot would be a solution.
Additionally, if you have external access to the mods folder, only permit booting from disk with a special password by editing the bios.lua file.
14 posts
Posted 10 November 2012 - 07:50 AM
Sadly it's on a server I don't own. Thanks for the help I suppose I'll keep thinking.
686 posts
Posted 10 November 2012 - 08:11 AM
I would do it something like this:
Register an account on a central server, then insert a floppy. A unique keycode is written to the floppy. To purchase a ticket you insert the floppy, enter your account information, and purchase a ticket. The ticket is registered to your account. You insert the floppy into the ticket-taker machine, login, and the ticket is removed from your account and you are allowed entry.
871 posts
Posted 10 November 2012 - 08:29 AM
wow. all these suggestions and nobody pointed out disks have unique ids just like computers. There seems to be a bug in the current version's disk.getSerial(sSide) method, but you can call it directly through the peripheral api, peripheral.call(sSide,"getDiskID"). This will give you a unique id for each floppy that can't be copied or faked.
Beyond that, I'd suggest instead of writing the information about the ticket on the disk itself, have a server you contact over rednet which stores the information for all tickets in a table with the unique disk id as a key.
808 posts
Posted 10 November 2012 - 01:56 PM
wow. all these suggestions and nobody pointed out disks have unique ids just like computers. There seems to be a bug in the current version's disk.getSerial(sSide) method, but you can call it directly through the peripheral api, peripheral.call(sSide,"getDiskID"). This will give you a unique id for each floppy that can't be copied or faked.
Beyond that, I'd suggest instead of writing the information about the ticket on the disk itself, have a server you contact over rednet which stores the information for all tickets in a table with the unique disk id as a key.
There is no mention of a function called disk.getSerial() on the wiki. There is however a perfectly working disk.getDiskID() function listed on the wiki. Saves from having to use peripheral.call() (it's a little less convenient to type)